Infineon: Breaking Down Automotive Attacks

The company's products range from chips that offer basic security through a secure hardware extension (SHE), as in Audo MAX, to the Aurix family, which integrates a hardware security module (HSM).

While Audo MAX offers basic security by integrating functions such as secure boot and hardware acceleration, Aurix goes several steps further by embedding a hardware security module (HSM) in an automotive microcontroller. Inside the microcontroller, the HSM offers a secure environment -- separated from the rest of the chip by a firewall and equipped with its own ARM-based CPU -- in which to run secure applications. Those secure applications do not run on the host cores of the automotive microcontroller (usually Infineon's proprietary TriCore processing cores).

More specifically, Aurix's HSM implements AES-128 and a true random number generator in hardware, while customer-specific requirements such as hashing or asymmetric encryption are implemented in software, so that the module can offer both encryption and decryption.

Instead of using those HSM-equipped automotive microcontrollers, OEMs can also opt to add a "Secure Element" to the existing automotive microcontrollers used in ECUs. In Infineon's case, the Secure Element product is the SLI 76 -- a SIM card chip hardened to endure the harsh automotive environment. While both Audo MAX and Aurix are designed to protect ECUs from logical attacks, the Secure Element is used to protect keys and other secrets from physical attacks.

Both the chip industry and car OEMs are said to be keenly aware of the future risk of side-channel attacks -- with hackers using power analysis to extract secrets. The risk becomes more significant once the use of wireless communications from cars becomes rampant, through car-to-car and vehicle-to-infrastructure communications, E-call, and infotainment.

Full EVITA spec?
To protect a vehicle against attacks via various real-time communications with the external world, chip companies could be required to offer hardware security modules that are compliant with the full EVITA spec.

Indeed, the EVITA specs, born out of an EU project that ended in late 2011, offer three levels of security: a light EVITA HSM focused on securing the interaction between secured ECUs and their sensors and actuators; a medium EVITA HSM designed to secure on-board communication; and a full EVITA HSM for protecting the in-vehicle domain against security vulnerabilities of V2X communications. The full level requires creating and verifying electronic signatures.

According to Infineon's microcontroller security roadmap, the German company is already offering Audo MAX chips on a 90nm process (already designed into commercially available cars) and Aurix chips based on the medium EVITA HSM on a 65nm process. The start of production of cars using Aurix chips is expected in 2014, according to Steurich. These chips are already in the hands of automotive OEMs.

Asked about Infineon's plan for chips based on the full EVITA spec, Steurich said, "We are closely monitoring the market." He did not mention when any products might be launched.

The medium and full EVITA specs are similar, except that the full version requires an asymmetric cryptographic building block in hardware and more CPU processing power. The medium HSM has no asymmetric cryptographic building block, although, as Infineon's Aurix chip demonstrates, it can perform some non-time-critical asymmetric cryptographic operations in software.
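To make the on-board-communication role of a medium-level HSM concrete, here is an added example that is not Infineon's code nor anything from the EVITA project: a host ECU asks a hypothetical HsmCore object, which keeps the key behind its interface, to tag each frame with a truncated MAC over a freshness counter, and the receiving ECU's HSM rejects tampered and replayed frames. HMAC-SHA256 stands in for the AES-128 CMAC such hardware would compute, and the frame layout, tag length and key are constructed for the example so it runs with only the Python standard library.

```python
import hashlib
import hmac

TAG_LEN = 8  # truncated tag length in bytes (constructed value, not from the article)


class HsmCore:
    """Hypothetical model of the firewalled HSM: the key lives only here."""

    def __init__(self, key: bytes):
        self._key = key          # host code never receives this value
        self._last_counter = {}  # per-sender freshness state

    def _tag(self, sender: int, counter: int, payload: bytes) -> bytes:
        # HMAC-SHA256 stands in for the AES-128 CMAC a real HSM computes in hardware.
        msg = sender.to_bytes(2, "big") + counter.to_bytes(4, "big") + payload
        return hmac.new(self._key, msg, hashlib.sha256).digest()[:TAG_LEN]

    def protect(self, sender: int, counter: int, payload: bytes) -> bytes:
        return self._tag(sender, counter, payload)

    def verify(self, sender: int, counter: int, payload: bytes, tag: bytes) -> bool:
        # Freshness check: a counter that does not increase means a replayed frame.
        if counter <= self._last_counter.get(sender, -1):
            return False
        if not hmac.compare_digest(self._tag(sender, counter, payload), tag):
            return False
        self._last_counter[sender] = counter
        return True


def build_frame(hsm: HsmCore, sender: int, counter: int, payload: bytes) -> bytes:
    """Host-side ECU code: asks the HSM for a tag, never touches the key."""
    tag = hsm.protect(sender, counter, payload)
    return sender.to_bytes(2, "big") + counter.to_bytes(4, "big") + payload + tag


def accept_frame(hsm: HsmCore, frame: bytes) -> bool:
    """Receiving ECU: parse the frame and let its own HSM decide."""
    sender = int.from_bytes(frame[:2], "big")
    counter = int.from_bytes(frame[2:6], "big")
    payload, tag = frame[6:-TAG_LEN], frame[-TAG_LEN:]
    return hsm.verify(sender, counter, payload, tag)


def demo() -> dict:
    key = bytes(range(16))  # constructed 128-bit key shared by both ECUs' HSMs
    tx_hsm, rx_hsm = HsmCore(key), HsmCore(key)
    frame = build_frame(tx_hsm, sender=0x01, counter=1, payload=b"\x10\x27")
    tampered = frame[:6] + b"\xff\xff" + frame[8:]  # payload altered in transit
    return {
        "tampered": accept_frame(rx_hsm, tampered),  # MAC mismatch
        "genuine": accept_frame(rx_hsm, frame),      # accepted, counter now 1
        "replayed": accept_frame(rx_hsm, frame),     # same counter again
        "next": accept_frame(rx_hsm, build_frame(tx_hsm, 0x01, 2, b"\x10\x27")),
    }
```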

In the end, carmakers' purchasing managers are likely to need more persuasion, or maybe a catastrophe, before they believe that the "threats are real."

Interesting to see that Infineon has defined its own vision of Trusted Execution Environment. It seems to be much different from what is under standardization at Global Platform. The result may be confusion in people's minds.

Thanks for your comment, ip2design. Could you please educate me how exactly GlobalPlatform's standard for trusted execution environment is different from what's described above in this story I wrote based on the interview with Infineon? I would appreciate your explanation.

TEE is a joint effort between ARM, Gemalto and Giesecke to secure any mobile device. The architecture is based on the principle of running 2 OSes: 1 rich OS like Android and 1 secure OS (provided by Trusted Labs in this case). The system relies on the secure OS and dedicated HW (ARM TrustZone) implemented in any Cortex-Ax processor. More can be found on the Trustonic web site, but I am sure that some ARM experts can bring much detail on the forum.

Regarding GlobalPlatform standardization process, I guess the status can be found on the website.

Thanks for your quick response. Much appreciate it. I am going to check this out...but here, what you are saying is that this TEE effort is directly applicable to how one designs a secure hardware module in an automotive microcontroller?

I much prefer this type of security discussion to the type that throws out any and all vulnerabilities with no apparent regard to type or severity, which ends up sounding like an attempt at high drama.

Not sure I understand the jargon used by Infineon. I would separate the types of attack into categories such as infotainment system intrusion, monitoring vehicle functions (e.g. someone remotely accessing the car's location and movements), theft, remotely manipulating controls (brakes, throttle, steering), and local hacking into control algorithms.

The local hacking worries me less than it worries the auto manufacturers, no doubt. It worries me less because there's so much sabotage possible locally, and always has been, that this added vulnerability seems like nothing fundamentally new. An obvious example from the past was to "reprogram" the pollution controls, to get better fuel economy and performance. (Been there, done that.) I'm sure one aspect today, that the auto manufacturers worry over, is to disable the speed-limiting function. Speed limiting is used by manufacturers in order to select the tires and brake systems they will install in a car. So an owner messing with speed limiting could result in legal action against the company.

Theft is another aspect that has existed forever. Modern cars help, in that regard, even if there are new attack vectors created.

Clearly the most worrisome would be remotely hacking into the critical controls. And this article shows how such attack vectors can be protected against, even in a fully integrated control environment. In my work, often the isolation between less critical and more critical subsystems is made even more positive, by physically permitting data to travel between systems only in one direction (e.g. to allow monitoring of functions by the less critical system only, and no control signals can possibly flow back to the more critical control system). Obviously, however, with the advent of self-driving cars, this absolute isolation will not always be possible. But surely, everyone is well aware of this. As the saying goes, there's no such thing as a free lunch.

I talked to the gentleman at Infineon on this topic. Here's the skinny:

Yes, Trusted Execution Environment (TEE) is being developed at Global Platform; TEE in that context (an approach based on the use of a separate OS) is designed for smart cards such as SIM cards and payment cards. Martin Klimke, principal of technical marketing, Chip Card & Security division at Infineon, describes it as "a big sophisticated standard."

That said, TEE is a generic term. It is not just tied to Global Platform's standardization work. For example, Intel calls its own Trusted Platform Module (TPM) a TEE.

So while Global Platform's TEE work for smart cards is well defined and offers a pretty sophisticated standard, it doesn't mean that it will change everything for other industries. When asked if Global Platform's work will directly impact the architecture of the secure hardware module used in automotive microcontrollers, Mr. Klimke said, "Up to now, no."

But maybe some years in the future, the automotive industry may see it as a way to go, he added.

There must be huge economic damage worldwide because of odometer fraud. There are estimates that in Germany alone, each year two million used cars are sold with manipulated odometers. The total damage is estimated at six billion euros, or 3000 euros per used car. I fear the situation is not better in other countries.

No doubt, odometer fraud exists and results in extra monetary costs to consumers. However honestly, that's another example of something that has existed forever, and it's not a safety issue at all. Turning back mechanical odometers was practically expected, in used car sales, and a good auto inspector can usually tell whether the odometer reading matches the other cues of use.